
Merge branch 'master' of github.com:vichan-devel/vichan

pull/40/head
czaks 8 years ago
parent
commit
d310abc95c
  1. 2
      inc/functions.php
  2. 4
      inc/mod/pages.php
  3. 10
      mod.php
  4. 29
      post.php
  5. 2
      templates/page.html

2
inc/functions.php

@ -880,7 +880,7 @@ function displayBan($ban) {
Element('page.html', array( Element('page.html', array(
'title' => _('Banned!'), 'title' => _('Banned!'),
'config' => $config, 'config' => $config,
'nojavascript' => true, 'boardlist' => createBoardlist($mod),
'body' => Element('banned.html', array( 'body' => Element('banned.html', array(
'config' => $config, 'config' => $config,
'ban' => $ban, 'ban' => $ban,
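Review bot: `createBoardlist($mod)` in the new 'boardlist' entry reads `$mod`, but the hunk header shows displayBan's signature as `displayBan($ban)` with no `$mod` parameter; unless the body declares `global $mod;` earlier (outside this hunk), the call uses an undefined variable, which is a notice under normal error reporting and hands createBoardlist a null. The parallel change in mod_page (inc/mod/pages.php) is on firmer ground because that function already references `$mod` in its args array. If the global is not already declared, add `global $mod;` at the top of displayBan, or have the caller pass the mod context in explicitly. displayBan's body begins and ends outside this hunk.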

4
inc/mod/pages.php

@ -15,7 +15,7 @@ function mod_page($title, $template, $args, $subtitle = false) {
'hide_dashboard_link' => $template == 'mod/dashboard.html', 'hide_dashboard_link' => $template == 'mod/dashboard.html',
'title' => $title, 'title' => $title,
'subtitle' => $subtitle, 'subtitle' => $subtitle,
'nojavascript' => true, 'boardlist' => createBoardlist($mod),
'body' => Element($template, 'body' => Element($template,
array_merge( array_merge(
array('config' => $config, 'mod' => $mod), array('config' => $config, 'mod' => $mod),
@ -846,7 +846,7 @@ function mod_page_ip($ip) {
$args['security_token'] = make_secure_link_token('IP/' . $ip); $args['security_token'] = make_secure_link_token('IP/' . $ip);
mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']); mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($ip)), 'mod/view_ip.html', $args, $args['hostname']);
} }
function mod_ban() { function mod_ban() {
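Review bot: Escaping `$ip` with htmlspecialchars only inside the title string leaves the subtitle argument `$args['hostname']` on the same mod_page call unescaped, and both values end up in page.html as `{{ title }}` / `{{ subtitle }}`; if the template engine autoescapes, the call-site escaping double-encodes any `&` in the title, and if it does not, the hostname (which is not under the moderator's control) carries the same exposure the title had. Escaping belongs in one place — either consistently at this call site (`mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($ip)), 'mod/view_ip.html', $args, htmlspecialchars($args['hostname']));`) or, preferably, in the template with raw strings passed from here. mod_page_ip begins outside this hunk, so where `$args['hostname']` is populated is not visible.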

10
mod.php

@ -12,16 +12,6 @@ require_once 'inc/mod/auth.php';
if ($config['debug']) if ($config['debug'])
$parse_start_time = microtime(true); $parse_start_time = microtime(true);
// Fix for magic quotes
if (get_magic_quotes_gpc()) {
function strip_array($var) {
return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
}
$_GET = strip_array($_GET);
$_POST = strip_array($_POST);
}
$query = isset($_SERVER['QUERY_STRING']) ? rawurldecode($_SERVER['QUERY_STRING']) : ''; $query = isset($_SERVER['QUERY_STRING']) ? rawurldecode($_SERVER['QUERY_STRING']) : '';
$pages = array( $pages = array(

29
post.php

@ -7,16 +7,6 @@ require_once 'inc/functions.php';
require_once 'inc/anti-bot.php'; require_once 'inc/anti-bot.php';
require_once 'inc/bans.php'; require_once 'inc/bans.php';
// Fix for magic quotes
if (get_magic_quotes_gpc()) {
function strip_array($var) {
return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
}
$_GET = strip_array($_GET);
$_POST = strip_array($_POST);
}
if ((!isset($_POST['mod']) || !$_POST['mod']) && $config['board_locked']) { if ((!isset($_POST['mod']) || !$_POST['mod']) && $config['board_locked']) {
error("Board is locked"); error("Board is locked");
} }
@ -447,7 +437,7 @@ if (isset($_POST['delete'])) {
$i = 0; $i = 0;
foreach ($_FILES as $key => $file) { foreach ($_FILES as $key => $file) {
if ($file['size'] && $file['tmp_name']) { if ($file['size'] && $file['tmp_name']) {
$file['filename'] = urldecode(get_magic_quotes_gpc() ? stripslashes($file['name']) : $file['name']); $file['filename'] = urldecode($file['name']);
$file['extension'] = strtolower(mb_substr($file['filename'], mb_strrpos($file['filename'], '.') + 1)); $file['extension'] = strtolower(mb_substr($file['filename'], mb_strrpos($file['filename'], '.') + 1));
if (isset($config['filename_func'])) if (isset($config['filename_func']))
$file['file_id'] = $config['filename_func']($file); $file['file_id'] = $config['filename_func']($file);
@ -625,12 +615,14 @@ if (isset($_POST['delete'])) {
if ($post['has_file']) { if ($post['has_file']) {
foreach ($post['files'] as $key => &$file) { foreach ($post['files'] as $key => &$file) {
if ($file['is_an_image'] && $config['ie_mime_type_detection'] !== false) { if ($file['is_an_image']) {
// Check IE MIME type detection XSS exploit if ($config['ie_mime_type_detection'] !== false) {
$buffer = file_get_contents($upload, null, null, null, 255); // Check IE MIME type detection XSS exploit
if (preg_match($config['ie_mime_type_detection'], $buffer)) { $buffer = file_get_contents($upload, null, null, null, 255);
undoImage($post); if (preg_match($config['ie_mime_type_detection'], $buffer)) {
error($config['error']['mime_exploit']); undoImage($post);
error($config['error']['mime_exploit']);
}
} }
require_once 'inc/image.php'; require_once 'inc/image.php';
@ -639,6 +631,9 @@ if (isset($_POST['delete'])) {
if (!$size = @getimagesize($file['tmp_name'])) { if (!$size = @getimagesize($file['tmp_name'])) {
error($config['error']['invalidimg']); error($config['error']['invalidimg']);
} }
if (!in_array($size[2], array(IMAGETYPE_PNG, IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_BMP))) {
error($config['error']['invalidimg']);
}
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']); error($config['error']['maxsize']);
} }
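Review bot: The new image-type allowlist after getimagesize uses `in_array` without the strict flag; `$size[2]` and the IMAGETYPE_* constants are both integers so it works today, but `in_array($size[2], array(IMAGETYPE_PNG, IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_BMP), true)` costs nothing and removes the loose-comparison footgun. The check also does not reconcile the content-detected type with `$file['extension']`, which the earlier hunk derives from the user-supplied name via `urldecode($file['name'])`; if nothing outside these hunks cross-checks the two, a file whose extension disagrees with its actual format is accepted and stored under the claimed extension. The surrounding `if (isset($_POST['delete']))` block and the `foreach` over `$post['files']` begin and end outside the hunk.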

2
templates/page.html

@ -9,6 +9,8 @@
<title>{{ title }}</title> <title>{{ title }}</title>
</head> </head>
<body> <body>
{{ boardlist.top }}
{% if pm %}<div class="top_notice">You have <a href="?/PM/{{ pm.id }}">an unread PM</a>{% if pm.waiting > 0 %}, plus {{ pm.waiting }} more waiting{% endif %}.</div><hr>{% endif %} {% if pm %}<div class="top_notice">You have <a href="?/PM/{{ pm.id }}">an unread PM</a>{% if pm.waiting > 0 %}, plus {{ pm.waiting }} more waiting{% endif %}.</div><hr>{% endif %}
<header> <header>
<h1>{{ title }}</h1> <h1>{{ title }}</h1>
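Review bot: `{{ boardlist.top }}` assumes every renderer of page.html now supplies a `boardlist` variable; the hunks in inc/functions.php and inc/mod/pages.php add it for displayBan and mod_page, but any other Element('page.html', …) call site elsewhere in the tree will render this line with `boardlist` undefined, which is either silently empty or a template error depending on the engine's strict-variables setting (not visible here). A guard such as `{% if boardlist %}{{ boardlist.top }}{% endif %}` keeps the template usable for callers that do not carry a board list. Whether `boardlist.top` is emitted raw or autoescaped is also not determinable from this hunk; if it holds markup it must be marked as such in the engine's configuration rather than relying on a global autoescape setting.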
